Hi All,
Since I was looking out for an attachment policy with qmail could not
find any, thought to do one
Patch function (only if email contains attachment)
x...@local to a...@local allow sending of email
a...@local to a...@external deny sending of email
Can also be enabled with tcp-evn but not done
would like to have it as per user profile
Can someone help me in doing it as per field in ldap
meaning sending of attachment email either yes or no should be stored in
ldap
also if someone can go through the code and find if any bugs and correct
them will be great
apply the patch for vanila qmail-lda src
//Remy
------------------------------------------------------------------------------
Disclaimer and Confidentiality
This material has been checked for computer viruses and although none has
been found, we cannot guarantee that it is completely free from such problems
and do not accept any liability for loss or damage which may be caused.
Please therefore check any attachments for viruses before using them on your
own equipment. If you do find a computer virus please inform us immediately
so that we may take appropriate action. This communication is intended solely
for the addressee and is confidential. If you are not the intended recipient,
any disclosure, copying, distribution or any action taken or omitted to be
taken in reliance on it, is prohibited and may be unlawful. The views
expressed in this message are those of the individual sender, and may not
necessarily be that of ISA.
--- qmail-1.03.orig/execcheck.c 2008-10-18 23:49:33.000000000 +0400
+++ git/qmail/execcheck.c 2009-06-29 12:10:11.000000000 +0400
@@ -52,6 +52,7 @@
static int checkexecutable = 0;
static int flagexecutable;
+static int flagattachment;
static stralloc signatures = {0};
void
@@ -81,6 +82,12 @@
return flagexecutable;
}
+int
+attachmentcheck_flag(void)
+{
+ return flagattachment;
+}
+
static int
signatures_match(stralloc *line, char *sig)
{
@@ -107,6 +114,17 @@
return 0;
}
+static int
+attachments_check(stralloc *line)
+{
+ char *s;
+ s = "Content-Disposition: attachment; filename=";
+
+ if(signatures_match(line, s))
+ return 1;
+ return 0;
+}
+
static int linespastheader; /* = 0 if in header (mime or mail)
* = 1 line after blank line
* = 2 somewhere in body
@@ -217,6 +235,7 @@
boundary_start = 0;
boundary_len = 0;
flagexecutable = 0;
+ flagattachment = 0;
flagrfc822 = 0;
linetype = ' ';
}
@@ -243,6 +262,9 @@
* in mail or mime header, search for content-type
* and possible boundary
*/
+ if(attachments_check(&line))
+ flagattachment = 1;
+
if (line.len == 1) { /* end of header */
linespastheader = 1;
if (content.len) /* MIME header */
--- qmail-smtpd.c.orig 2009-06-29 12:14:12.000000000 +0400
+++ qmail-smtpd.c 2009-06-29 12:07:14.000000000 +0400
@@ -302,6 +302,8 @@
unsigned int maxrcptcount = 0;
int greylist = 0;
int sendercheck = 0;
+int rcptlocalflag = 0;
+int senderlocalflag = 0;
int rcptcheck = 0;
int ldapsoftok = 0;
int flagauth = 0;
@@ -1118,6 +1120,7 @@
switch (ldaplookup(addr.s, &s)) {
case 1: /* valid */
+ senderlocalflag = 1;
logline(4,"sender verify OK");
break;
case 0: /* invalid */
@@ -1229,6 +1232,7 @@
/* check if recipient exists in ldap */
if (rcptcheck) {
+ rcptlocalflag = 0;
if (!goodmailaddr()) {
logline(4,"recipient verify, recipient not in goodmailaddr");
if (addrlocals()) {
@@ -1236,6 +1240,7 @@
logline(4,"recipient verify, recipient is local");
switch (ldaplookup(addr.s, &s)) {
case 1: /* valid */
+ rcptlocalflag = 1;
logline(4,"recipient verify OK");
break;
case 0: /* invalid */
@@ -1554,6 +1559,18 @@
#endif
blast(&hops);
+#ifdef SMTPEXECCHECK
+ /* check if the email has attachment*/
+ if (attachmentcheck_flag()) {
+ if (senderlocalflag && !rcptlocalflag) {
+ out("552 You are not allowed to send email with attachment other then to your local address (#5.3.5)\r\n");
+ logline(3,"email with attachment other then to your local address denied");
+ if (errdisconnect) err_quit();
+ return;
+ }
+ }
+#endif
+
#ifdef DATA_COMPRESS
if (wantcomp) { if (compression_done() != 0) return; }
#endif
